Modeling memory use of applications

ABSTRACT

A method includes receiving a program code at a processor. The method also includes generating, via the processor, a heap model corresponding to the program code. The method further includes detecting, via the processor, a linearizable data structure in the program code. The method also further includes modifying, via the processor, the heap model based on the detected linearizable data structure. The method also further includes analyzing, via the processor, the program code using the modified heap model.

BACKGROUND

The present techniques relate to modeling memory use of a program code,and more specifically, to modeling memory use of a program code for usein static analysis.

SUMMARY

According to an embodiment described herein, a system can include aprocessor. The processor can receive a program code. The processor canalso generate a heap model corresponding to the program code. Theprocessor can also further detect a linearizable data structure in theprogram code. The processor can also further modify the heap model basedon the detected linearizable data structure. The processor can furtheranalyze the program code using the modified heap model.

According to another embodiment described herein, a method can includereceiving a program code at a processor. The method can also includegenerating, via the processor, a heap model corresponding to the programcode. The method can also further include detecting, via the processor,a linearizable data structure in the program code. The method can alsoinclude modifying, via the processor, the heap model based on thedetected linearizable data structure. The method can further alsoinclude analyzing, via the processor, the program code using themodified heap model.

According to another embodiment described herein, a computer programproduct for testing an application can include a computer-readablestorage medium having computer readable instructions embodied therewith,wherein the computer readable storage medium is not a transitory signalper se. The computer readable instructions can be executable by aprocessor to cause the processor to receive a program code. The computerreadable instructions can also cause the processor to generate a heapmodel corresponding to the program code. The computer readableinstructions can further also cause the processor to detect alinearizable data structure in the program code. The computer readableinstructions can also cause the processor to modify the heap model basedon the detected linearizable data structure. The computer readableinstructions can also cause the processor to save the modified heapmodel to a new file. The computer readable instructions can also causethe processor to analyze the program code statically using the modifiedheap model.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

FIG. 1 is block diagram of an example computing device that can modelheaps based on linearizable program code;

FIG. 2 illustrates an example simplified heap model using allocationsites;

FIG. 3 is an example cloud computing environment according toembodiments described herein;

FIG. 4 depicts example abstraction model layers according to embodimentsdescribed herein;

FIG. 5 is a process flow diagram of an example method that can modelheaps based on linearizable program code; and

FIG. 6 is an example processing system having tangible, non-transitorycomputer-readable medium that can model heaps based on linearizableprogram code.

DETAILED DESCRIPTION

Linearizability is a correctness condition for concurrent objects thatprovides an illusion that an operation applied to the object takeseffect instantaneously at some point between its invocation and itsresponse. Linearizability implies that a concurrent operation can bedefined by pre and post conditions. A concurrent object is consideredlinearizable if any execution of its operations is equivalent to a“legal” sequential execution that preserves the order betweennon-overlapping operations.

Static data-flow analysis is the general name assigned to analysistechniques that track flow of data throughout a given program based onits code. Static data-flow analysis can be performed in many ways. Acommon characteristic of these methods are that they model unboundedmemory as some finite representation. For example, a heap memory may bepotentially unbounded and therefore can be abstracted into a model. Thismodel enables tracking how data is read and written via local variablesand heap updates, which induces an approximate model of data flow. Forexample, two ways of modeling heap memory for the purpose of data-flowanalysis include the use of allocation sites and access paths. As usedherein, an allocation site refers to a statement in program code thatallocates an object. As used herein, an access path refers to a localvariable, which is followed by a sequence of field identifiers, whichtogether describe a heap object. In the first method, modeling runtimeheap objects as allocation sites limits the size of the “static” heap tothe number of allocation sites in the program. A static heap is a heapthat is bounded in size. In the second example, static data-flowanalysis may be performed by tracking heap locations symbolically asaccess paths. The access paths can denote relevant data-flow paths asstrings consisting of local variables and then 0 or more fieldidentifiers. A field identifier, as used herein, refers to a fullyqualified name of a field. An internal field is a field within a datastructure. For example, an internal field can include a field pointingto the array of key/value pairs inside a map object. Tracking the flowof data at the level of internal fields and methods can result insignificant performance degradation and loss of accuracy. For example,scanning of the program code at the internal field level may use upsignificant resources. Tracking data flow through internal fields mayalso result in the loss of accuracy.

According to techniques of the present disclosure, the linearizabilityof data structures within a program code is used to simplify a heapmodel corresponding to the code into a simplified heap model that can beanalyzed more efficiently. Linearizability leads to a notion ofencapsulation. Encapsulation, as used herein, refers to the process ofcombining code and/or data together into a single unit. Because memory“owned” by a linearizable data structure cannot be observed by otherobjects, encapsulation is useful to data-flow analysis. Memory can be“owned” by the linearizable data structure such that data stored in aheap is exclusively accessed by the linearizable data structure. In someexamples, data flow through a linearizable data structure can thus bemodeled and tracked in terms of the data structure's interface ratherthan its implementation. For example, the allocation sites and/or accesspaths of a linearizable data structure may be limited to the interfaceof the linearizable data structure. Moreover, in terms of heap modeling,the present techniques provide saving of resources. For allocationsites, memory allocated within a linearizable data structure instance isnot explicitly modeled, which results in resource savings. For theaccess-path representation technique, memory manipulated within aninstance is not modeled, also resulting in resource savings. Aninstance, as referred to herein, includes an object and may be alsointerchangeably referred to as an object.

In some scenarios, the techniques described herein may be implemented ina cloud computing environment. As discussed in more detail below inreference to at least FIGS. 1, 5, and 6, a computing device configuredto generate and analyze heap models may be implemented in a cloudcomputing environment. It is understood in advance that although thisdisclosure may include a description on cloud computing, implementationof the teachings recited herein are not limited to a cloud computingenvironment. Rather, embodiments described herein are capable of beingimplemented in conjunction with any other type of computing environmentnow known or later developed.

Cloud computing is a model of service delivery for enabling convenient,on-demand network access to a shared pool of configurable computingresources (e.g. networks, network bandwidth, servers, processing,memory, storage, applications, virtual machines, and services) that canbe rapidly provisioned and released with minimal management effort orinteraction with a provider of the service. In some embodiments, thiscloud model includes at least five characteristics, at least threeservice models, and at least four deployment models.

The example characteristics in some embodiments are as follows:

On-demand self-service: a cloud consumer can unilaterally provisioncomputing capabilities, such as server time and network storage, asneeded automatically without requiring human interaction with theservice's provider.

Broad network access: capabilities are available over a network andaccessed through standard mechanisms that promote use by heterogeneousthin or thick client platforms (e.g., mobile phones, laptops, andpersonal digital assistants (PDAs)).

Resource pooling: the provider's computing resources are pooled to servemultiple consumers using a multi-tenant model, with different physicaland virtual resources dynamically assigned and reassigned according todemand. There is a sense of location independence in that the consumergenerally has no control or knowledge over the exact location of theprovided resources but may be able to specify location at a higher levelof abstraction (e.g., country, state, or datacenter).

Rapid elasticity: capabilities can be rapidly and elasticallyprovisioned, in some cases automatically, to quickly scale out andrapidly released to quickly scale in. To the consumer, the capabilitiesavailable for provisioning often appear to be unlimited and can bepurchased in any quantity at any time.

Measured service: cloud systems automatically control and improveresource use by leveraging a metering capability at some level ofabstraction appropriate to the type of service (e.g., storage,processing, bandwidth, and active user accounts). Resource usage can bemonitored, controlled, and reported providing transparency for both theprovider and consumer of the utilized service.

Service Models are as follows:

Software as a Service (SaaS): the capability provided to the consumer isto use the provider's applications running on a cloud infrastructure.The applications are accessible from various client devices through athin client interface such as a web browser (e.g., web-based email). Theconsumer does not manage or control the underlying cloud infrastructureincluding network, servers, operating systems, storage, or evenindividual application capabilities, with the possible exception oflimited user-specific application configuration settings.

Platform as a Service (PaaS): the capability provided to the consumer isto deploy onto the cloud infrastructure consumer-created or acquiredapplications created using programming languages and tools supported bythe provider. The consumer does not manage or control the underlyingcloud infrastructure including networks, servers, operating systems, orstorage, but has control over the deployed applications and possiblyapplication hosting environment configurations.

Infrastructure as a Service (IaaS): the capability provided to theconsumer is to provision processing, storage, networks, and otherfundamental computing resources where the consumer is able to deploy andrun arbitrary software, which can include operating systems andapplications. The consumer does not manage or control the underlyingcloud infrastructure but has control over operating systems, storage,deployed applications, and possibly limited control of select networkingcomponents (e.g., host firewalls).

Deployment Models are as follows:

Private cloud: the cloud infrastructure is operated solely for anorganization. It may be managed by the organization or a third party andmay exist on-premises or off-premises.

Community cloud: the cloud infrastructure is shared by severalorganizations and supports a specific community that has shared concerns(e.g., mission, security requirements, policy, and complianceconsiderations). It may be managed by the organizations or a third partyand may exist on-premises or off-premises.

Public cloud: the cloud infrastructure is made available to the generalpublic or a large industry group and is owned by an organization sellingcloud services.

Hybrid cloud: the cloud infrastructure is a composition of two or moreclouds (private, community, or public) that remain unique entities butare bound together by standardized or proprietary technology thatenables data and application portability (e.g., cloud bursting forload-balancing between clouds).

A cloud computing environment is service oriented with a focus onstatelessness, low coupling, modularity, and semantic interoperability.Cloud computing includes an infrastructure comprising a network ofinterconnected nodes.

With reference now to FIG. 1, an example computing device can modelheaps based on linearizable program code. The computing device 100 maybe for example, a server, desktop computer, laptop computer, tabletcomputer, or smartphone. In some examples, computing device 100 may be acloud computing node. Computing device 100 may be described in thegeneral context of computer system executable instructions, such asprogram modules, being executed by a computer system. Generally, programmodules may include routines, programs, objects, components, logic, datastructures, and so on that perform particular tasks or implementparticular abstract data types. Computing device 100 may be practiced indistributed cloud computing environments where tasks are performed byremote processing devices that are linked through a communicationsnetwork. In a distributed cloud computing environment, program modulesmay be located in both local and remote computer system storage mediaincluding memory storage devices.

The computing device 100 may include a processor 102 that is to executestored instructions, a memory device 104 to provide temporary memoryspace for operations of said instructions during operation. Theprocessor can be a single-core processor, multi-core processor,computing cluster, or any number of other configurations. The memory 104can include volatile memory 106 and non-volatile memory 108. Volatilememory 106 includes memory that requires power to maintain storedinformation, such as random access memory (RAM) or cache memory.Non-volatile memory 108 can include all other forms of memory, includingread only memory, flash memory, or any other suitable memory systems.

The processor 102 may be connected through a system interconnect 110(e.g., PCI®, PCI-Express®, etc.) to an input/output (I/O) deviceinterface 108 adapted to connect the computing device 100 to one or moreI/O devices 114. The I/O devices 114 may include, for example, akeyboard and a pointing device, wherein the pointing device may includea touchpad or a touchscreen, among others. The I/O devices 114 may bebuilt-in components of the computing device 101, or may be devices thatare externally connected to the computing device 100.

The processor 102 may also be linked through the system interconnect 110to a display interface 116 adapted to connect the computing device 100to a display device 118. The display device 118 may include a displayscreen that is a built-in component of the computing device 100. Thedisplay device 118 may also include a computer monitor, television, orprojector, among others, that is externally connected to the computingdevice 100. In addition, a network interface controller (NIC) 120 may beadapted to connect the computing device 100 through the systeminterconnect 110 to the network 122. In some embodiments, the NIC 120can transmit data using any suitable interface or protocol, such as theinternet small computer system interface, among others. The network 122may be a cellular network, a radio network, a wide area network (WAN), alocal area network (LAN), or the Internet, among others. An externalcomputing device 124 may connect to the computing device 100 through thenetwork 122. In some examples, external computing device 124 may be anexternal webserver 124. In some examples, external computing device 124may be a cloud computing node.

The processor 102 may also be linked through the system interconnect 110to a storage device 126 that can include a hard drive, an optical drive,a USB flash drive, an array of drives, or any combinations thereof. Insome examples, the storage device may include a modeling module 128, asimplification module 130, and an analyzer module 132. For example, themodules may be included in an application such as a compiler or aprogram analysis tool. The modeling module 128 can receive a programcode and create a model of the program code for purposes of analysis.For example, the modeling module 128 can model a representation of theassociated heap of a program code.

Still referring to FIG. 1, in some examples, the simplification module130 can scan a program code for linearizable data structures. Forexample, the program code may contain one or more data structures thatare linearizable. In some examples, the simplification module 130detects the linearizable data structures in the program code andsimplifies these structures in the heap model of the program code. Theheap of a program code can also be bounded using various forms ofsummarizations. A summarization, as used herein, refers to a compiletime representation of one or more runtime heap objects. For example,two such summarizations may include the use of allocation sites and/oraccess paths. If a heap of the program code is modeled using allocationsites, then any allocation sites enclosed within a linearizable datastructure may not be modeled. In the same manner, if the heap of aprogram code is modeled using access paths, then such access paths areto be restricted to the interface of any linearizable data structure. Insome examples, the simplification module 130 can save the resultingsimplified heap model to a new file on a storage device.

In some examples, the analyzer module 132 can use the new filecontaining the simplified heap model for analysis of the program code.For example, the program code can be analyzed statically for securitybefore the code is deployed and executed by end users. Thus, byanalyzing a simplified heap model rather than the original heap model,the present techniques provide a reduction in processing resources.Furthermore, analyzing the simplified heap model results in improvedaccuracy of analysis due to reduction in the chance of errors generallyoccurring when analyzing concurrent methods.

It is to be understood that the block diagram of FIG. 1 is not intendedto indicate that the computing device 100 is to include all of thecomponents shown in FIG. 1. Rather, the computing device 100 can includefewer or additional components not illustrated in FIG. 1 (e.g.,additional memory components, embedded controllers, modules, additionalnetwork interfaces, etc.). Furthermore, any of the functionalities ofthe modeling module 128, simplification module 130, and analyzer module132 may be partially, or entirely, implemented in hardware and/or in theprocessor 102. For example, the functionality may be implemented with anapplication specific integrated circuit, logic implemented in anembedded controller, or in logic implemented in the processor 102, amongothers. In some embodiments, the functionalities of the modeling module128, simplification module 130, and analyzer module 132 can beimplemented with logic, wherein the logic, as referred to herein, caninclude any suitable hardware (e.g., a processor, among others),software (e.g., an application, among others), firmware, or any suitablecombination of hardware, software, and firmware.

FIG. 2 is an example simplified heap model using allocation sites. Anexample heap model is referred to generally by the reference number200A, while an example simplified heap model is referred to generally bythe reference number 200B.

In FIG. 2, heap model 200A includes various linked entries 202 that areconnected via links 204. Map state 206 includes linked entries that arelinearizable. A map 210 is linked to a plurality of buckets 212 vialinks 214. The buckets 212 are connected to a plurality of linkedentries 216 via links 218. Each linked entry has an associated key 220as indicated by arrow 222 and an associated value 224 as indicated byarrows 226. The linked entries 216 are further connected to other linkedentries 216 via links 228. Simplified heap model 200B also includeslinked entries 202 connected by links 204. However, in simplified heapmodel 200B, a map 210 is connected directly to associated keys 230 vialinks 232. Each associated key 230 is further connected to an associatedvalue 234 via a field 236.

In the example heap model of 200A, the map state 206 is a concreterepresentation of the map object 210 as a complex heap structure. Forexample, the map object 210 may be an instance of the classConcurrentMap. The map object 210 is represented as a set of linkedentries 216 having associated keys 220 and values 224.

In the simplified heap model 200B, instead of explicitly modeling theinternal state of the map object 210 using linked entries 216, abstractobjects representing the keys 230 and values 234 themselves are used. Aninternal state, as used herein, refers to memory owned by the datastructure, such as the array of key/value pairs maintained by the mapobject 210. In the example simplified heap model of 200B, the keys 230and values 234 can be connected directly via fields 236 extendingbetween the keys 230 and the values 234. Thus, a simpler representationof the map object 210 can be produced by representing the linearizablemap object 210 using abstract objects representing keys 230 and values234.

It is to be understood that the diagram of FIG. 2 is not intended toindicate that the example heap models 200A and 200B are to include allof the components shown in FIG. 2. Rather, the heap models 200A and 200Bcan include fewer or additional components not illustrated in FIG. 2(e.g., additional linked entries, maps, buckets, keys, or values, etc.).

Referring now to FIG. 3, illustrative cloud computing environment 300 isdepicted. As shown, cloud computing environment 300 comprises one ormore cloud computing nodes 302 with which local computing devices usedby cloud consumers, such as, for example, personal digital assistant(PDA) or cellular telephone 304A, desktop computer 304B, laptop computer304C, and/or automobile computer system 304N may communicate. Nodes 302may communicate with one another. They may be grouped (not shown)physically or virtually, in one or more networks, such as Private,Community, Public, or Hybrid clouds as described hereinabove, or acombination thereof. This allows cloud computing environment 300 tooffer infrastructure, platforms and/or software as services for which acloud consumer does not need to maintain resources on a local computingdevice. It is understood that the types of computing devices 304A-Nshown in FIG. 3 are intended to be illustrative only and that computingnodes 302 and cloud computing environment 300 can communicate with anytype of computerized device over any type of network and/or networkaddressable connection (e.g., using a web browser).

Referring now to FIG. 4, a set of functional abstraction layers providedby cloud computing environment 300 (FIG. 3) is shown. It should beunderstood in advance that the components, layers, and functions shownin FIG. 4 are intended to be illustrative only and are not to beconstrued as limiting. As depicted, the following layers andcorresponding functions are provided.

Hardware and software layer 400 includes hardware and softwarecomponents. Examples of hardware components include, but are not limitedto, mainframes, in one example IBM® zSeries® systems; RISC (ReducedInstruction Set Computer) architecture based servers, in one example IBMpSeries® systems; IBM xSeries® systems; IBM BladeCenter® systems;storage devices; networks and networking components. Examples ofsoftware components include, but are not limited to, network applicationserver software, in one example IBM WebSphere® application serversoftware; and database software, in one example IBM DB2® databasesoftware. (IBM, zSeries, pSeries, xSeries, BladeCenter, WebSphere, andDB2 are trademarks of International Business Machines Corporationregistered in many jurisdictions worldwide).

Virtualization layer 402 provides an abstraction layer from which thefollowing non-limiting examples of virtual entities may be provided:virtual servers; virtual storage; virtual networks, including virtualprivate networks; virtual applications and operating systems; andvirtual clients. In one example, management layer 404 may provide thefunctions described below. Resource provisioning provides dynamicprocurement of computing resources and other resources that are utilizedto perform tasks within the cloud computing environment. Metering andPricing provide cost tracking as resources are utilized within the cloudcomputing environment, and billing or invoicing for consumption of theseresources. In one example, these resources may comprise applicationsoftware licenses. Security provides identity verification for cloudconsumers and tasks, as well as protection for data and other resources.User portal provides access to the cloud computing environment forconsumers and system administrators. Service level management providescloud computing resource allocation and management such that requiredservice levels are met. Service Level Agreement (SLA) planning andfulfillment provide pre-arrangement for, and procurement of, cloudcomputing resources for which a future requirement is anticipated inaccordance with an SLA.

Workloads layer 406 provides examples of functionality for which thecloud computing environment may be utilized. Examples of workloads andfunctions which may be provided from this layer include, but are notlimited to: mapping and navigation; software development and lifecyclemanagement; virtual classroom education delivery; data analyticsprocessing; transaction processing; and model storage.

FIG. 5 is a process flow diagram of an example method that can modelheaps based on linearizable program code. The method 500 can beimplemented with any suitable computing device, such as the computingdevice 100 of FIG. 1 and is discussed with reference to FIG. 2.

At block 502, the modeling module 128 receives a program code. In someexamples, the program code can be source code. For example, the programcode can be written in any programming language. In some examples, theprogram code can be object code. For example, a source code may becompiled into an object code that is then to be modeled accordingly. Insome embodiments, the modeling module 128 can receive the program codefrom an external computing device, an application on a local computingdevice, or a hardware component on a local computing device, amongothers.

At block 504, the modeling module 128 generates a heap modelcorresponding to the program code. For example, a heap model can becreated via static analysis of the program code. The modeling module 128can generate a finite over-approximation of heap objects, as well astheir connectivity, via fields. For example, the finiteover-approximation can be generated by creating abstractions of runtimeobjects and over-approximating the set of objects each abstract objectrepresents as well as the connectivity between the abstract objects. Insome examples, the modeling module 128 can generate a heap model usingallocation sites such as in example 200A of FIG. 2. In some examples,the modeling module 128 can generate a heap model using access paths.For example, a heap may be modeled as a collection of access paths. Anaccess path can include a root pointer variable, followed by a string ofstructure field variables. Properties of the heap may be stored asrelations of access paths in the heap model. Alternatively, in someexamples, the collection of access paths may also be stored in the heapmodel along with objects. Thus, an access path can be a local variable,followed by a sequence of field identifiers, which together describe aheap object. For example, given [x=new X( ); y.f=x;], then the objectallocated in the first statement can be represented by the following twoaccess paths: {x, y.f}. In some examples, one or more the fieldidentifiers may be empty.

In some examples, the heap model can be stored into a data store. Insome examples, the heap model can be storeless (i.e. not stored), theheap model to be generated for each analysis.

At block 506, the simplification module 130 detects a linearizable datastructure in the program code. The simplification module 130 can searchthe program code for data structures that the program code definesand/or uses. Then, for each detected data structure, the simplificationmodule 130 can perform a linearizability check. For example, thelinearizable data structures can include two or more methods that may beexecuted concurrently during execution of a program. In some examples,the simplification module 130 can include any appropriatelinearizability detection tool that can detect linearizable datastructures in the program code.

At block 508, the simplification module 130 modifies the heap modelbased on the detected linearizable data structure. For example, if adata structure is detected to be linearizable, then a heap model can bemodified based on the internal state of the data structure. Forallocation site embodiments, allocation sites enclosed in a datastructure may not be included in a simplified heap model. For example,the simplified heap model may be represented by abstract objectsrepresenting keys and values such as example simplified heap model 200Bof FIG. 2 above. For access path embodiments, the access paths in asimplified heap model may be restricted to the interface of a datastructure. For example, the simplification module 130 can replacecomplex access paths like m.bucketList.iterator.next.value with m.key_K,where K is the actual key. In some examples, the simplified heap modelcan also be stored into a data store.

At block 510, the analyzer module 132 analyzes the program code usingthe modified heap model. In some examples, the new file includingmodified heap model can be used to statically analyze the program codemore efficiently. For example, security analysis may be performed usingthe new file. In some examples, untrusted data may flow into a mapobject 210 as the value corresponding to a given key. Tracking theuntrusted value throughout the concrete map representation 200A may becomplicated as there are many internal fields and data structures.However, if the map object 210 is simply represented as a set of key 230and value 236 pairs, then the analysis simply has to find where thevalue 236 is read via access to the key 230. For example, the analyzermodule 132 can find where the value 236 is read via a Map.get( . . . )operation.

Other applications that may benefit from more efficient static analysisinclude program understanding, program refactoring, verification,debugging, enhancing security, improving performance, compile timegarbage collection, instruction scheduling, and parallelization, etc.

The process flow diagram of FIG. 5 is not intended to indicate that theoperations of the method 500 are to be executed in any particular order,or that all of the operations of the method 500 are to be included inevery case. For example, other forms of summarization may be used inalternatively or in addition to the two types described above.Additionally, the method 500 can include any suitable number ofadditional operations.

The present techniques may be a system, a method or computer programproduct. The computer program product may include a computer readablestorage medium (or media) having computer readable program instructionsthereon for causing a processor to carry out aspects of the presentinvention.

The computer readable storage medium can be a tangible device that canretain and store instructions for use by an instruction executiondevice. The computer readable storage medium may be, for example, but isnot limited to, an electronic storage device, a magnetic storage device,an optical storage device, an electromagnetic storage device, asemiconductor storage device, or any suitable combination of theforegoing. A non-exhaustive list of more specific examples of thecomputer readable storage medium includes the following: a portablecomputer diskette, a hard disk, a random access memory (RAM), aread-only memory (ROM), an erasable programmable read-only memory (EPROMor Flash memory), a static random access memory (SRAM), a portablecompact disc read-only memory (CD-ROM), a digital versatile disk (DVD),a memory stick, a floppy disk, a mechanically encoded device such aspunch-cards or raised structures in a groove having instructionsrecorded thereon, and any suitable combination of the foregoing. Acomputer readable storage medium, as used herein, is not to be construedas being transitory signals per se, such as radio waves or other freelypropagating electromagnetic waves, electromagnetic waves propagatingthrough a waveguide or other transmission media (e.g., light pulsespassing through a fiber-optic cable), or electrical signals transmittedthrough a wire.

Computer readable program instructions described herein can bedownloaded to respective computing/processing devices from a computerreadable storage medium or to an external computer or external storagedevice via a network, for example, the Internet, a local area network, awide area network and/or a wireless network. The network may comprisecopper transmission cables, optical transmission fibers, wirelesstransmission, routers, firewalls, switches, gateway computers and/oredge servers. A network adapter card or network interface in eachcomputing/processing device receives computer readable programinstructions from the network and forwards the computer readable programinstructions for storage in a computer readable storage medium withinthe respective computing/processing device.

Computer readable program instructions for carrying out operations ofthe present techniques may be assembler instructions,instruction-set-architecture (ISA) instructions, machine instructions,machine dependent instructions, microcode, firmware instructions,state-setting data, or either code or object code written in anycombination of one or more programming languages, including an objectoriented programming language such as Smalltalk, C++ or the like, andconventional procedural programming languages, such as the “C”programming language or similar programming languages. The computerreadable program instructions may execute entirely on the user'scomputer, partly on the user's computer, as a stand-alone softwarepackage, partly on the user's computer and partly on a remote computeror entirely on the remote computer or server. In the latter scenario,the remote computer may be connected to the user's computer through anytype of network, including a local area network (LAN) or a wide areanetwork (WAN), or the connection may be made to an external computer(for example, through the Internet using an Internet Service Provider).In some embodiments, electronic circuitry including, for example,programmable logic circuitry, field-programmable gate arrays (FPGA), orprogrammable logic arrays (PLA) may execute the computer readableprogram instructions by utilizing state information of the computerreadable program instructions to personalize the electronic circuitry,in order to perform aspects of the present techniques.

Aspects of the present techniques are described herein with reference toflowchart illustrations and/or block diagrams of methods, apparatus(systems), and computer program products according to embodiments of thetechniques. It will be understood that each block of the flowchartillustrations and/or block diagrams, and combinations of blocks in theflowchart illustrations and/or block diagrams, can be implemented bycomputer readable program instructions.

These computer readable program instructions may be provided to aprocessor of a general purpose computer, special purpose computer, orother programmable data processing apparatus to produce a machine, suchthat the instructions, which execute via the processor of the computeror other programmable data processing apparatus, create means forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks. These computer readable program instructionsmay also be stored in a computer readable storage medium that can directa computer, a programmable data processing apparatus, and/or otherdevices to function in a particular manner, such that the computerreadable storage medium having instructions stored therein comprises anarticle of manufacture including instructions which implement aspects ofthe function/act specified in the flowchart and/or block diagram blockor blocks.

The computer readable program instructions may also be loaded onto acomputer, other programmable data processing apparatus, or other deviceto cause a series of operational steps to be performed on the computer,other programmable apparatus or other device to produce a computerimplemented process, such that the instructions which execute on thecomputer, other programmable apparatus, or other device implement thefunctions/acts specified in the flowchart and/or block diagram block orblocks.

Referring now to FIG. 6, a block diagram is depicted of an exampleprocessing system having tangible, non-transitory computer-readablemedium 600 that can model heaps based on linearizable program code. Thetangible, non-transitory, computer-readable medium 600 may be accessedby a processor 602 over a computer interconnect 604. Furthermore, thetangible, non-transitory, computer-readable medium 600 may include codeto direct the processor 602 to perform the functions described herein.

The various software components discussed herein may be stored on thetangible, non-transitory, computer-readable medium 600, as indicated inFIG. 6. For example, a modeler module 606 includes code to receive aprogram code. The modeler module 606 also includes code to generate aheap model corresponding to the program code. A simplifier module 608includes code to detect a linearizable data structure in the programcode. The simplifier module 608 includes code to modify the heap modelbased on the detected linearizable data structure. The simplifier module608 also includes code to save the modified model of the program code toa new file. The analyzer module 610 includes code to analyze the programcode statically using the modified heap model.

In some examples, the simplifier module 608 includes code to model aheap of the program code using allocation sites. The simplifier module608 can also include code to model a heap of the program code usingaccess paths. An access path can be a local variable followed by asequence of field identifiers. The simplifier module can include code tomodify the heap model by removing allocation sites that are included inthe detected linearizable data structure. The simplifier module 608 canalso include code to modify the heap model using access paths byremoving pointers pointing inside detected linearizable data structuresand replacing them with pointers pointing to interfaces of the detectedlinearizable data structures.

The flowchart and block diagrams in the Figures illustrate thearchitecture, functionality, and operation of possible implementationsof systems, methods, and computer program products according to variousembodiments of the present techniques. In this regard, each block in theflowchart or block diagrams may represent a module, segment, or portionof instructions, which comprises one or more executable instructions forimplementing the specified logical function(s). In some alternativeimplementations, the functions noted in the block may occur out of theorder noted in the figures. For example, two blocks shown in successionmay, in fact, be executed substantially concurrently, or the blocks maysometimes be executed in the reverse order, depending upon thefunctionality involved. It will also be noted that each block of theblock diagrams and/or flowchart illustration, and combinations of blocksin the block diagrams and/or flowchart illustration, can be implementedby special purpose hardware-based systems that perform the specifiedfunctions or acts or carry out combinations of special purpose hardwareand computer instructions. It is to be understood that any number ofadditional software components not shown in FIG. 6 may be includedwithin the tangible, non-transitory, computer-readable medium 600,depending on the specific application.

The descriptions of the various embodiments of the present techniqueshave been presented for purposes of illustration, but are not intendedto be exhaustive or limited to the embodiments disclosed. Manymodifications and variations will be apparent to those of ordinary skillin the art without departing from the scope and spirit of the describedembodiments. The terminology used herein was chosen to best explain theprinciples of the embodiments, the practical application or technicalimprovement over technologies found in the marketplace, or to enableothers of ordinary skill in the art to understand the embodimentsdisclosed herein.

1. A method for analyzing a program source code, the method comprising:receiving the program source code at a processor; generating, via theprocessor performing a static analysis of the program source code, aheap model corresponding to the program source code, wherein the heapmodel comprises object allocation sites; detecting, via the processorperforming the static analysis of the program source code, alinearizable data structure in the program source code, wherein at leastone of the object allocation sites is associated with the linearizabledata structure; modifying, via the processor performing the staticanalysis of the program source code, the heap model based on thedetecting the linearizable data structure; and analyzing the programsource code via the processor performing the static analysis of theprogram source code using the modified heap model.
 2. The method ofclaim 1, wherein the modifying the heap model comprises removing, fromthe heap model, an object allocation site included in the at least oneof the object allocation sites associated with the linearizable datastructure.
 3. The method of claim 2, wherein the object allocation siteremoved from the heap model is enclosed in the linearizable datastructure. 4.-5. (canceled)
 6. The method of claim 1, wherein the heapmodel comprises a static heap.
 7. The method of claim 1, wherein theperforming the static analysis of the program source code comprisesperforming a security analysis of the program source code.
 8. The methodof claim 1, wherein the program source code comprises assemblyprogramming language instructions.
 9. A method for analyzing a programsource code, the method comprising: receiving the program source code ata processor; generating, via the processor performing a static analysisof the program source code, a heap model corresponding to the programsource code, wherein the heap model comprises object access paths;detecting, via the processor performing the static analysis of theprogram source code, a linearizable data structure in the program sourcecode, wherein at least one of the object access paths is associated withthe linearizable data structure; modifying, via the processor performingthe static analysis of the program source code, the heap model based onthe detecting the linearizable data structure, wherein the modifying theheap model comprises replacing a first object access path, in themodified heap model, with an interface of the linearizable datastructure, wherein the first object access path is included in the atleast one of the object access paths associated with the linearizabledata structure; and analyzing the program source code via the processorperforming the static analysis of the program source code with themodified heap model.
 10. The method of claim 9, wherein the first objectaccess path comprises a local variable followed by one or more fieldidentifiers.
 11. The method of claim 9, wherein the first object accesspath comprises a complex access path.
 12. The method of claim 9, whereinthe modifying the heap model further comprises replacing, in themodified heap model, a first set of pointers with a second set ofpointers, wherein the first set of pointers point inside thelinearizable data structure and the second set of pointers point to aninterface of the linearizable data structure.
 13. The method of claim 9,wherein the program source code comprises assembly programming languageinstructions.